7 Aug 02 Active Nets -- PP for IN Wkshop -- Braden 1
Active Networks
Bob Braden (ISI) with
Craig Partridge, Alden Jackson (BBN)
7 August 2002
DARPA Workshop: Programmable Packets for Intelligent Networks
Menlo Park, CA
Outline
A. What is active networking?
B. The DARPA Active Networking program (DANP)
C. Future active networking research
D. A few thoughts about the workshop
A. What IS Active Networking?
• “... Routers or switches of the network perform customized computations on messages flowing through them.” Tennenhouse et al, 1997.
• Computation may be in the:
– Data plane -- processing data subflows
– Control plane -- customized algorithms for forwarding/signaling/mgt.
• Three ideas:
(1) Programmable routers
(2) Programmable packets
(3) Dynamic deployment of portable code into network nodes
Active Networking Ideas
(1) Programmable routers
– Router code can be dynamically installed/updated
• How dynamically? AN => very dynamically.
– Not so dynamically --
• IETF (FORCES WG) & IEEE standards efforts in progress
• Could lead to unbundling router software
(2) Programmable packets
– Capsules; each packet may carry program & data.
– The most aggressive form of active networking.
Scope of this Definition
By this definition, active networking is already important in the real world... E.g.,
• “Middle boxes”
– Firewalls, NATs, ...
– Application services -- Web caches, video recoders, ...
• Generic Router Assist (GRA: IETF)
– Built-in transport/app services, e.g., reliable multicast algorithms
• Content-based routing
B. Brief Overview of DANP
• Accomplishments
• The standard model
• The ABone testbed
• Conclusions
Disclaimer: This overview is filtered by my limited vision. I believe it touches the high spots, but it omits many projects and details.
Accomplishments of DANP
An initial exploration of the problem space. Important accomplishments include:
– A wide variety of active network experiments
– A reference architecture for an active node
– Many distinct software prototypes, some following the reference architecture and some not.
– Prototypes of hardware assist
– A security model
– A national testbed for active nets research, the ABone
Reference Architecture
• Node Operating System (Node OS)
• Execution Environments (EEs)
– Environments for AA execution (include p-code interpreter)
– Stable part of software in active node
• Active Applications (AAs)
– Fundamental unit of network programming
– AA code may migrate from node to node
[Figure: layered active node -- Node OS at the bottom, several EEs above it, many AAs within each EE]
Reference Architecture (2)
[Figure: node data path with labelled boxes: Filter, IP Forwarding, Traffic Control, Execution Environment; a general packet filter separates active packets, which go to the Execution Environment]
Reference Architecture (3)
• An EE is installed in a node by/under management control.
• AAs are dynamically deployed and may be transient or persistent.
• Expect: 1 nodeOS, a few EEs, many AAs in each active node.
• Kernel boundary not necessarily at EE/node OS interface.
[Figure: three placements of the kernel boundary (user space vs. kernel) relative to the Node OS / EE / AA stack]
Differing Realizations of Arch.
An EE may be:
• A user-level OS to control AA execution. [ANTS, ASP EEs]
• An interpreter for scripts carried in packets that invokes a local function library. [PLAN, SENCOMM EEs]
• An AA-specific generic script that invokes AA-specific plugin modules. [CANES EE]
• A kernel environment for software plugins [Protocol booster]
• A line-card environment [Hardware plugin: WashU]
Software Prototypes from DANP
• Several prototype NodeOSs
– Scout, JANOS, AMP, ...
• Several Execution Environments (EEs)
– Capsule model: ANTS, ASP EEs carry code by reference; PLAN EE, Smart Packets carry code by value
– Programmable router model: CANES, Netscript EEs
• Some experimental Active Applications (AAs)
Experimental Active Applications
• Protocol boosters (service enhancers)
• Video recoding [CANES, ... EE]
• Intrusion detection & response [ANTS EE]
• Network management [Smart Packet, SENCOMM EEs]
• Distributed network metering
• Multicast (self-)routing [ANTS EE]
• Reliable multicast [ANTS+, CANES EEs]
• Concast [CANES EE]
• Signaling for active interest filtering [ASP EE]
• Ping (Doug’s favorite AA) [many EEs]
Why an ABone Testbed?
• The importance of being real (networking)
– Scale, heterogeneity, robustness.
– Establish credibility in the real networking world.
• The importance of being available
– Experiments with 20-100 nodes become feasible.
• The importance of research collaboration
– Building a system with common components
– Sharing tool development and software maintenance costs.
The ABone We Built
• Nodes: diverse OS platforms provided by research sites.
– DARPA said plan for success => 1000 nodes; actually O(100).
– Unix-based NodeOSs (Linux, FreeBSD, Solaris), plus one purpose-built node OS (AMP)
• Links: Internet overlays (plus dedicated links in CAIRN testbed).
• Available to EE and AA developers
– Permanent virtual topologies (overlays) for ANTS, ASP EEs provide always-available distributed testbed for AA developers.
Observations about AN Testbeds
• Both wide-area testbeds (ABone) and cluster testbeds (e.g., Utah Emulab) are needed for active network research, and they should be integrated.
• Testbed can expose system gaps
– E.g., ABone showed that unloading/un-caching portable code is harder than loading/caching it.
– E.g., revealed hard problem of debugging distributed algorithms
• To be effective, a shared testbed needs to be part of the research program from the beginning.
C. Future Active Networking Research
• We should build a unified technology base for applying active networking to real world networking problems.
• Active networking has a credibility problem to overcome.
• Note that active networking does not fit into the all-optical network religion that is popular today.
• Active networking is not a panacea.
Active Networking is not a Panacea
• Many hard network problems will remain hard.
– E.g., stable, responsive, scalable routing for 10M nodes is a very hard problem*; “intelligent networks” won’t help much.
• Local optimizations may be useful in limited situations, but they may also be destabilizing and counter-productive.
• BEWARE the Tragedy of the Commons; an essential aspect of communication is SHARING.
– E.g., how can we retain the inherent robustness and extensibility of the E2E principle with middle boxes?
*A critical network research problem that is not getting enough attention or funding...
Active Networking: Hard Issues
• Security
– Achilles heel of active networking
– Tough nut to crack. E.g., there is no known solution to the fundamental problem of securing active packets that can change at every hop.
– No experience with non-trivial deployment in real network
– Missing: scalable security infrastructure, policy machinery, and user interface model.
– Only two levels: hard-core crypto, and no security -- Need more, to balance performance against security.
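As an added illustration of the hop-by-hop problem above (this is not code from the slides or from any DANP prototype): a hypothetical capsule carries an origin tag over the whole packet and a second tag over only its immutable fields. The whole-packet tag breaks as soon as a node legitimately updates per-hop state, while the immutable-only tag keeps verifying but cannot distinguish a legitimate hop update from tampering with the mutable part. The capsule format, field names and key are constructed for the example.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed stand-in for the origin's signing key (a MAC keeps the example dependency-free).
ORIGIN_KEY = b"constructed-origin-key"

@dataclass
class Capsule:
    # Hypothetical capsule: immutable part (code reference + payload) plus
    # per-hop state that each active node's EE may rewrite while forwarding.
    code_ref: str               # "code by reference", ANTS/ASP style
    payload: bytes
    hop_state: dict             # rewritten at every hop
    tag_whole: bytes = b""      # origin tag over the entire capsule
    tag_immutable: bytes = b""  # origin tag over the immutable fields only

def _mac(key, *parts):
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()

def immutable_bytes(c):
    return (c.code_ref.encode(), c.payload)

def whole_bytes(c):
    return immutable_bytes(c) + (repr(sorted(c.hop_state.items())).encode(),)

def sign_at_origin(c, key=ORIGIN_KEY):
    c.tag_whole = _mac(key, *whole_bytes(c))
    c.tag_immutable = _mac(key, *immutable_bytes(c))
    return c

def verify(c, key=ORIGIN_KEY):
    """Return (whole-capsule tag valid, immutable-part tag valid)."""
    return (hmac.compare_digest(c.tag_whole, _mac(key, *whole_bytes(c))),
            hmac.compare_digest(c.tag_immutable, _mac(key, *immutable_bytes(c))))

def forward(c, node_id):
    """An active node runs the AA, which legitimately updates per-hop state."""
    c.hop_state["hops"] = c.hop_state.get("hops", 0) + 1
    c.hop_state["last"] = node_id
    return c

def demo():
    c = sign_at_origin(Capsule("ants://ping", b"hello", {}))
    results = [verify(c)]                         # fresh from origin: both hold
    for node in ("n1", "n2"):
        results.append(verify(forward(c, node)))  # whole-capsule tag breaks
    c.hop_state["hops"] = 0                       # tampering with mutable state
    results.append(verify(c))                     # is indistinguishable from a hop
    return results
```

The last two results are identical, which is the point: whatever the origin can vouch for excludes exactly the fields that change at every hop, so protecting those fields needs trust in (and keys for) every intermediate node rather than a single origin signature.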
Hard Issues (2)
• Security (continued)
– DANP failed to create an acceptable security model early in the program, to permit wide deployment of active technology.
• Limited AN credibility among other network research communities
• Allowed the AN community to duck the issue too long
Active Network Security
• Title can be parsed two ways.
– Security is a severe problem (maybe killer problem?) for active nets.
– Can security also be a killer app for active networks?
• Intrusion detection/response seems plausible.
• Security/authentication: “... Active networking may admit the design of an integrated [across layers] mechanism that governs all network resources and the information flowing through them. ... It allows us to program a security policy on a per-user or per-use basis” Tenn. et al 1997.
Is this an idea that can be further developed?
• Open issue: interaction of active networking with firewalls.
Hard Issues (3)
• Language for portable code
– Need safety, efficiency, compactness, & expressivity
– Tried: Java (mostly), OCAML, C
– Java was the obvious choice, but was it the right choice?
• Java has been a moving target, and it is not portable across versions.
• Limited portability across platforms.
• Crucial components needed by AN are still unstable or missing.
• IPR has been, and is, a problem.
– The active nets program needs more stable implementations and perhaps a better language.
What about Killer Applications?
Functions that are most effectively performed within network...
• Intrusion detection/response
• Network management and control
• Middle box configuration and control
• Multicasting, and its inverse, data fusion
• Signaling
• Research tool for prototyping new protocols and architectures??
But it may be wise to recall that the killer app for the ARPAnet was to be remote access to time-sharing and batch-processing systems ;-)
A Future Research Plan (?)
• Objective: Build and demonstrate a coherent technology for active networking
– Build on each other’s work
• E.g., build a deployable reference active node.
• Measure success by contribution to integrated product
– Build around a shared testbed infrastructure
– Demonstrate at non-trivial scales and complexity levels
• Build program around 2-4 important networking application areas
• E.g., Security, middle boxes, network management?
• In any case, real-world networking.
Future Research Topics [BBN]
1. Systems
– What should be the short- and long-term goals of our designs?
• Integrated per-port processing, sibling processing, flexible processing stages, or CANES-like slots?
– Where/how would you deploy these systems incrementally?
– How do we plan to manage these systems, esp. if they are allowed to mutate and change to track their environment?
2. Security
– What credentials would you want to allow someone else to run code in your nodes, even if it is someone you know?
– How do you describe to someone else your policy for what code is allowed to run in your nodes?
– How do you evaluate the effectiveness of your policy?
Comments on the Workshop
Thesis: Programmable packets enable intelligent networks, which can defend and optimize themselves.
Observations:
1. The term “Intelligent Networks” has a bad odor for some.
2. “Programmable packets” -- the more aggressive model of AN.
3. “Defend itself” -- against?
4. “Optimize itself” -- self-tuning is a good thing, as long as it is not at the expense of robustness or adaptability.
Defensible Networks: An Analogy
• Build a defensible national highway system.
– Cars & trucks are “smart packets”, self-routing datagrams.
[Note how well that works at 5:00 PM on the 10, 101, or 280 freeways]
– Defensible against what kinds of threats?
• DDoS attacks (cf. French farmers with tractors)?
• Road blocks, shell craters, bombed bridges?
– Ultimate defense may be redundancy.
– A secure highway system will not reduce the number of burglaries in homes and businesses.
People commonly confuse end-system (ES) security with network security.
AN and the Internet Architecture
• The Internet architecture got a lot of things basically right.
– Network transparency -- the E2E principle, i.e., an application-independent network.
– Heterogeneity of network technologies
– Architected robustness
– Extensibility and generality taking priority over optimization.
• Our problem is to preserve what is right while fixing what is wrong.
• We should avoid mythology, deal with reality.
Internet Mythology
• “The Internet protocols are broken -- most everyone agrees”.
• “The Internet was designed for sharing research information -- a few trusted parties, simple low-value transactions, sparse bandwidth”
(I believe that the parts in italics are true)
• Let’s try to avoid hyperbole and mythology